Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code — for example, the miscellaneous scripts area of the Magento admin panel, or WordPress plugins such as Custom CSS & JS.

Custom script editors are popular with bad actors because they allow for external third party (and malicious) JavaScript and can easily pretend to be benign by leveraging naming conventions that match popular scripts like Google …

admin amp area attackers card cases code credit credit card credit card skimmer credit card stealers css ecommerce security facebook fake fake facebook hacked websites hidden inject magento malware miscellaneous panel pixel plugins popular script scripts skimmer software tracker website website malware infections website security wordpress wordpress plugins